As part of Imunify360’s proactive malware research activities, we recently identified that a plugin named Adicionar Banco Inter ao WooCommerce from WordPress repository, which can be used to identify malware in web servers, indeed had active malware inside one of the plugin’s source files.
During the pandemic lockdowns, many businesses went from office work to an at-home workforce. Studies show that a huge uptick in cyber-attacks started in 2020 after pandemic lockdowns, which means that more attackers were scanning and searching for exploits on web servers. A web server with poor security controls, outdated software, misconfigurations, and overall lack of administration could be subject to numerous cyber-attacks and exploits.
Brute-force attacks are the most widely used cyber-attacks in the cyber-sphere. And dependent on the target, the protection method is unique to the attack. There are two main types of brute-force attacks:
- Service level brute-force, targeting ssh, ftp, smtp services and others.
- Web application level brute-force, e.g. attacks against WordPress, Magento, and similar CMSes and web-scripts.
For website owners unfamiliar with common malware, having malware on your site that doesn’t cause any obvious issues is seemingly harmless to the site owner. How bad can malware be if it just injects links? If site owners do not understand the repercussions of malware, then they will not take it seriously. It often means that these site owners don’t have the necessary monitoring and malware protection in place to defend sites. For shared hosting providers, this issue can have severe consequences and long-term effects on the server’s reputation and potential profitability. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.
Very often, web hosting administrators start to take security measures only after a website has been hacked. So, let us imagine the situation when ImunifyAV has been installed on such an infected server. All malware has been cleaned in one click, and all malicious activity has been stopped.
Doorway pages are a great way to improve a website’s SEO ranking.
They’re also a great way to get your domain blocked by major search engines.
So why are they still prevalent? How do they work, and why should you care if your web server hosts them?
That’s what I’ll cover in this article.
An unlucky upshot of running your own website or online store is that, sooner or later, hackers will add it to their ‘juicy list of prey’. Once in their list, hackers will continuously scan and probe your site for weaknesses, trying to find a way to further their illicit goals.
This article discusses the hidden pitfalls of hosting multiple websites on one hosting account, and how you can remediate the consequences of website cross-contamination.
If you think your site won't be hacked because it's too small to matter, think again. I'll show why that is a false and dangerous assumption.
Many site owners and webmasters think that hackers only care about popular, highly-ranked websites. They are wrong.
High traffic volume helps boost earnings on partner programs by redirecting visitors to other sites, gets more views of unauthorized advertisements and attracts more clicks on rogue links. But that is not the only way hackers make money.
Unprotected sites with low traffic volume are equally attractive to hackers. It is the way they are used that differs from how hackers monetize more popular websites. Any normal site, with an audience of as little as 30 visitors a day, can still be threatened by hacking and infection.
Twenty years on and spam is still a problem. I'll look at why that is and what we can do to reduce or prevent it.
Contrary to popular belief, hacking a site and uploading malicious scripts onto it is not the only way spamming gets a foothold. There are other ways. For example, it could be because of a compromised account, the use of script vulnerabilities, or an incorrectly configured mail server.